removes Cross-Origin-Embedder-Policy header because it breaks all our…

… youtube embeds (#1853)
TASVideos · May 19, 2024 · 59dac25 · 59dac25
1 parent 954f307
commit 59dac25
Showing 1 changed file with 0 additions and 1 deletion.
diff --git a/TASVideos/Extensions/ApplicationBuilderExtensions.cs b/TASVideos/Extensions/ApplicationBuilderExtensions.cs
@@ -56,7 +56,6 @@ public static IApplicationBuilder UseMvcWithOptions(this IApplicationBuilder app
 		]);
 		app.Use(async (context, next) =>
 		{
-			context.Response.Headers["Cross-Origin-Embedder-Policy"] = "credentialless";
 			context.Response.Headers["Cross-Origin-Opener-Policy"] = "same-origin";
 			context.Response.Headers["Cross-Origin-Resource-Policy"] = "cross-origin"; // TODO this is as unsecure as before; should be `same-site` or `same-origin` when serving auth-gated responses
 			context.Response.Headers["Permissions-Policy"] = permissionsPolicyValue;